Accountants Community Home

ProConnect Lacerte Notifications - Up to Date Information Regarding Tax Scams and Alerts

This announcement page will be updated when we receive new information regarding possible tax scams which could potentially affect you, our customers and your clients. 

This announcement can be 'followed' in order to receive an email notification each time a new item is posted. 

Please click the following link for instructions to set up your email notifications: https://accountants-community.intuit.com/articles/1635808&src=lsccom

Please scroll down to view the most recent posts.

14 updates

Released July 10, 2018 (IR-2018-147)

The Internal Revenue Service and its Security Summit partners recently kicked off a summertime security awareness campaign for tax professionals with a new, expanded guide providing critical steps to protect client data and highlighting available resources.

The new effort by the IRS, state tax agencies and the nation's private-sector tax industry follows continued security threats to tax and financial data held by tax professionals. Data thefts at tax practitioners’ offices continue to rise and result in fraudulent tax returns that can be especially difficult for the IRS and states to detect.

This marks the first in a series called "Protect Your Clients; Protect Yourself: Tax Security 101." The Security Summit awareness campaign is intended to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns.

To mark the start of this awareness campaign, the IRS revised Publication 4557, Safeguarding Taxpayer Data, to better reflect the current threats to tax professionals. The guide outlines basic steps tax professionals should take, how to take them and provides details on how to comply with requirements for a data security plan. The IRS also created a new product, Publication 5293, Data Security Resource Guide for Tax Professionals, which highlights a compilation of IRS.gov resources for tax preparers.


How to Maintain, Monitor and Protect your EFIN: 


Why Tax Professionals Need a Security Plan:


Released August 14, 2018 (IR-2018-164)

The Internal Revenue Service and the Security Summit partners warned tax professionals that savvy cybercriminals target IRS-issued identification numbers to help impersonate practitioners as well as taxpayers.

To help protect against this threat used on the Dark Web, the IRS, state tax agencies and the tax industry reminded practitioners that they must maintain, monitor and protect their Electronic Filing Identification Numbers (EFINs) as well as keep tabs on their Preparer Tax Identification Numbers (PTINs) and Centralized Authorization File (CAF) numbers.

To view this IRS News Release and learn what you can do to protect these important numbers from identity thieves, please go to https://www.irs.gov/newsroom/tax-security-101-tax-professionals-must-maintain-protect-efins-monitor-....

Released August 28, 2018 (IR-2018-175)

The Internal Revenue Service and Security Summit partners reminded tax professionals that protecting taxpayer information isn’t just good for the clients and good for business – it’s also the law.

The Summit partners urged tax professionals to be aware of their obligations to protect client data and to cooperate with any IRS investigation related to data theft.

The IRS has a number of publications to help tax professionals navigate tax-related rules and regulations related to protecting data. In addition, the IRS, state tax agencies and the tax industry today reminded tax return preparers that a 1999 law requires that they create and implement a data security plan.

This is the eighth in a series called “Protect Your Clients; Protect Yourself: Tax Security 101.” The Security Summit awareness campaign is intended to provide tax professionals with the basic information they need to better protect taxpayer data and to help prevent the filing of fraudulent tax returns.

The Financial Services Modernization Act of 1999, also known as the Gramm-Leach-Bliley (GLB) Act, gives the Federal Trade Commission authority to set information safeguard regulations for various entities, including professional tax return preparers.

According to the FTC Safeguards Rule, tax return preparers must create and enact security plans to protect client data. Failure to do so may result in an FTC investigation. The IRS also may treat a violation of the FTC Safeguards Rule as a violation of IRS Revenue Procedure 2007-40, which sets the rules for tax professionals participating as an Authorized IRS e-file Provider.

To read this bulletin in it's entirety, go to https://www.irs.gov/newsroom/tax-security-101-security-summit-reminds-professional-tax-preparers-of-....

Released September 4, 2018 (IR-2018-177)

WASHINGTON – The Internal Revenue Service, state tax agencies and the tax industry today called on tax professionals to be alert to the subtle signs of data theft, noting continuing cases where practitioners are victims of theft and don’t even know it. 

Cybercriminals often leave few signs of their burglary until the fraudulent tax returns are filed and clients are harmed. This is one more reason tax professionals should use strong security protections to prevent data theft from occurring. 

IRS Summit Partners Detail Warning Signs of Client Data Theft; Urge Tax Professionals to Remain Alert: 
https://accountants-community.intuit.com/articles/1750760&src=lsccom

Update 9/11/2018

Audit: IRS May Have Processed More Than 1M Bogus Power-of-Attorney Requests

By Toby Eckert

The IRS may have processed more than 1.1 million requests for power of attorney that weren't authorized by the taxpayer, according to an audit released today.

Approval of the requests allows third parties like attorneys and CPAs to get access to a person's tax information.

"Tax examiner reviews of these forms do not include steps to verify that the legitimate taxpayer submitted or signed the form to authorize access to his or her tax information," according to the report by the Treasury Inspector General for Tax Administration.

However, the IRS called TIGTA's estimate "substantially overstated" based on its own discovery of potentially fraudulent authorization forms.

"As of June 2018, we have implemented several actions to reduce the risks associated with potentially fraudulent authorizations," including better procedures to identify such authorizations in the agency's Centralized Authorization File, according to an agency response included in the TIGTA report.

TIGTA also criticized the IRS for "inaction" on implementing a new third-party authorization tool, which would require multi-factor authentication of requests for power of attorney.

Agency officials said they submitted a work request for the tool to an IRS steering committee in January 2017, but it was rejected and the request was canceled in September 2017.

"Although this work was not funded for fiscal year 2018 ... it cannot be concluded that this work is not a priority for the IRS," the agency said, adding that it "will continue to purse implementation of an online authorization interface."

Update 9/11/2018

WASHINGTON – The Internal Revenue Service and its Security Summit partners today reminded tax professionals that they should report data theft immediately and follow an established process for helping the IRS protect their clients. 

If notified timely, the IRS can help stop fraudulent tax returns being filed in clients’ names, which otherwise might delay legitimate tax refunds. This action to help protect taxpayers requires the cooperation of the tax professional with the IRS. 

IRS Security Summit Outlines Data Theft Reporting Process for Tax Professionals; Speed Helps Protect Taxpayers: https://accountants-community.intuit.com/articles/1750762&src=lsccom

Update 10/1/2018

WASHINGTON — The Internal Revenue Service is reminding taxpayers to beware of criminals who continue using devious tactics to steal money and personal information from unsuspecting victims, especially as the fall season approaches.

The agency warns that scammers continue to pose as the IRS, making threatening phone calls and using email phishing schemes to lure taxpayers. The scams may be particularly prevalent ahead of the Oct. 15 tax-filing extension deadline. Another tax scam, where criminals pose as charity organizations, tends to peak during hurricane season or following a natural disaster. Taxpayers should learn about these ongoing tax scams and know what to do if they’re targeted.

For more details, please see IR-2018-193 IRS News Alert link below.

IRS  Scammers Scheming Around Oct. 15 Deadline; Here's What to Do: https://www.irs.gov/newsroom/irs-alerts-taxpayers-scammers-scheming-around-oct-15-deadline-heres-wha...

Update 11/19/2018 

WASHINGTON — The Internal Revenue Service and Security Summit partners today warned the public of a surge of fraudulent emails impersonating the IRS and using tax transcripts as bait to entice users to open documents containing malware.

The scam is especially problematic for businesses whose employees might open the malware because this malware can spread throughout the network and potentially take months to successfully remove.

For more details, please see IR-2018-226 IRS News Alert link below.

IRS warns of "Tax Transcript" email scam; dangers to business networks: https://www.irs.gov/newsroom/irs-warns-of-tax-transcript-email-scam-dangers-to-business-networks

Update 11/20/2018

WASHINGTON – With the approach of the holidays and the upcoming tax season, the Internal Revenue Service, state tax agencies and the nation’s tax industry will sponsor a nationwide campaign in December urging people to better protect their sensitive tax and financial data.

The third annual National Tax Security Awareness campaign, to be held Dec. 3-7, will feature events nationwide, highlight a daily security topic and mark the launch of a special @IRSTaxSecurity Twitter handle that will keep the public aware of emerging threats throughout the 2019 tax filing season. 

For more details, please see IR-2018-228 IRS News Article link below.

Security Summit plans National Tax Security Awareness Week, Dec. 3-7; New Twitter handle launched, ‘Dark Web’ webinar planned: https://www.irs.gov/newsroom/security-summit-plans-national-tax-security-awareness-week-dec-3-7-new-...

Update 12/4/18 

WASHINGTON ― With the approach of the holidays and the 2019 filing season, the Internal Revenue Service, state tax agencies and the nation’s tax industry warned people to be on the lookout following a surge of new, sophisticated email phishing scams.

Taxpayers saw many more phishing scams in 2018 as the IRS recorded a 60 percent increase in bogus email schemes that seek to steal money or tax data. These schemes can endanger a taxpayer’s financial and tax data, allowing identity thieves a chance to try stealing a tax refund.
 
For more details, please see IR-2018-240 IRS News Article link below.

IRS sees surge in email phishing scams; Summit Partners urge taxpayers: ‘Don’t Take the Bait’: https://www.irs.gov/newsroom/irs-sees-surge-in-email-phishing-scams-summit-partners-urge-taxpayers-d...

Update 12/4/2018

WASHINGTON – To help protect against cybercriminals stealing identities, the IRS, state tax agencies and the nation’s tax industry urged people to review new, stronger standards to protect the passwords of their online accounts.

Every individual or tax practitioner who maintains any type of online accounts should use strong passwords to protect against savvy cybercriminals taking over their identities and accessing sensitive tax and financial data.

For more details, please see IR-2018-241 IRS News Alert link below.

Security Summit Partners highlight new password guidance, urge taxpayers and practitioners to protect all accounts:  https://www.irs.gov/newsroom/security-summit-partners-highlight-new-password-guidance-urge-taxpayers...

Update 12/6/2018 

WASHINGTON – As the 2019 tax season approaches, the IRS, state tax agencies and the nation’s tax industry joined together to warn small businesses to be on-guard against a growing wave of identity theft and W-2 scams.

Small business identity theft is big business for identity thieves. Just like individuals, businesses may have their identities stolen and their sensitive information used to open credit card accounts or used to file fraudulent tax returns for bogus refunds. Employers also hold sensitive tax data on employees, such as Form W-2 data, which also is highly valued by identity thieves.

For more details, please see IR-2018-243 IRS News Alert link below.

Security Summit warns employers: Be alert to identity theft and W-2 scams: https://www.irs.gov/newsroom/security-summit-warns-employers-be-alert-to-identity-theft-and-w-2-scam...